From owner-freebsd-fs@FreeBSD.ORG Mon Dec 6 22:58:34 2010 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 711351065670; Mon, 6 Dec 2010 22:58:34 +0000 (UTC) (envelope-from joe@netmusician.org) Received: from mail.netmusician.org (dorian.netmusician.org [66.244.95.101]) by mx1.freebsd.org (Postfix) with ESMTP id 3BA198FC12; Mon, 6 Dec 2010 22:58:33 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netmusician.org (Postfix) with ESMTP id 7AEC9B87C; Mon, 6 Dec 2010 17:58:33 -0500 (EST) X-Virus-Scanned: amavisd-new at netmusician.org Received: from mail.netmusician.org ([127.0.0.1]) by localhost (dorian.netmusician.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id Gfhk-BeZ2332; Mon, 6 Dec 2010 17:58:33 -0500 (EST) Received: from Shakti.local (c-71-201-100-167.hsd1.in.comcast.net [71.201.100.167]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.netmusician.org (Postfix) with ESMTPSA id BE2E0B87A; Mon, 6 Dec 2010 17:58:32 -0500 (EST) Message-ID: <4CFD6A96.9090502@netmusician.org> Date: Mon, 06 Dec 2010 17:58:30 -0500 From: Joe Auty User-Agent: Postbox 2.0.2 (Macintosh/20101025) MIME-Version: 1.0 To: =?ISO-8859-2?Q?Edward_Tomasz_Napiera=B3a?= References: <1124305635.1255931.1291670668724.JavaMail.root@erie.cs.uoguelph.ca> <4CFD5D73.1050601@netmusician.org> <4CFD6506.7090901@netmusician.org> <408E7ECD-C232-47DD-9D24-389F2CA4E406@FreeBSD.org> <4CFD6808.8010004@netmusician.org> In-Reply-To: X-Enigmail-Version: 1.1.2 Content-Type: text/plain; charset=ISO-8859-2 Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-fs@freebsd.org Subject: Re: Migrating from NFSv3 to v4 - NFSv4 ACL/permission confusion X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Dec 2010 22:58:34 -0000 Edward Tomasz Napiera=B3a wrote: > Wiadomo=B6=E6 napisana przez Joe Auty w dniu 2010-12-06, o godz. 23:47: >> Edward Tomasz Napiera=B3a wrote: >>> Wiadomo=B6=E6 napisana przez Joe Auty w dniu 2010-12-06, o godz. 23:3= 4: >>>> Edward Tomasz Napiera=B3a wrote: >>>>> Wiadomo=B6=E6 napisana przez Joe Auty w dniu 2010-12-06, o godz. 23= :02: >>>>>>> Also, make sure "ls -l" is not reporting "nobody". If the user/gr= oup >>>>>>> name mapping isn't working, most Setattr Ops will fail. >>>>>>> >>>>>>> rick >>>>>>> >>>>>> Thanks Rick, >>>>>> >>>>>> I will look into this, but for the benefit of my own education, ar= e >>>>>> NFSv4 ACLs supposed to be intertwined or separate from standard Un= ix >>>>>> permissions? I'm confused as to how the ACLs have changed from v3,= or if >>>>>> this is even relevant to my problem not really knowing how they wo= rk and >>>>>> why they are needed :) >>>>> Both POSIX.1e and NFSv4 ACLs are similar in that they both influenc= e >>>>> the mode, and get influenced by it. In other words, when you chang= e >>>>> the ACL, the mode gets updated; when you change the mode, the ACL g= ets >>>>> updated. Also, for both POSIX.1e and NFSv4 ACLs, file mode continu= es >>>>> to work as usual if you ignore the ACL part. >>>>> >>>> Thanks for this! >>>> >>>> So, if I want to just ignore the NFSv4 ACLs on account of not needin= g >>>> anything beyond the POSIX ACLs, I'm free to do so without consequenc= e... >>>> Correct? >>> If you want to just ignore the ACLs on account of not needing anythin= g >>> beyond the file mode, aka standard UNIX permissions. Filesystems >>> support either POSIX.1e ACLs, or NFSv4 ACLs, not both. I didn't >>> actually test NFSv4, but I guess it uses NFSv4 ACLs, not POSIX.1e. >>> ZFS supports NFSv4 only. UFS supports either POSIX.1e or NFSv4, >>> depending on the mount options. >> I might be misunderstanding you, but ZFS definitely supports NFSv3 >> because I've been mounting and using NFS volumes via this protocol >> version for quite some time now without incident. > > Let me rephrase: ZFS only supports NFSv4 ACLs, it does not support > POSIX.1e ACLs. Since ACLs are not a mandatory element of filesystem, > sharing ZFS over NFSv3 works, but the client has no way to manipulate > the ACLs or retrieve them. When sharing ZFS over NFSv4, the NFSv4 ACLs > should work, I guess. > > Still, I'm not sure if the problem is actually ACL-related. > Well, since I'm not setting any or have any need to use them since I've been just fine with POSIX ACLs, they may be irrelevant. I only brought them up because I'm flying blind with trying to figure out my problem here, and in Googling I came across stuff related to the NFSv4 ACLs, which is one obvious change between v3 and v4. I'm going to try my same test on my CentOS box and will report back. Thanks all of your for your patience with this! --=20 Joe Auty, NetMusician NetMusician helps musicians, bands and artists create beautiful, professional, custom designed, career-essential websites that are easy to maintain and to integrate with popular social networks. www.netmusician.org joe@netmusician.org